Mantle Network (Token Migration)
Summary
Quantstamp performed an audit for the token migration plan of Mantle Network of migrating the `$BIT` token to the `$MNT` token based on the code present in the listed repositories. <br><br> BitDAO community decided in [BIP-21](https://snapshot.org/#/bitdao.eth/proposal/0xe81f852d90ba80929b1f19683da14b334d63b31cb94e53249b8caed715475693) and [MIP-22](https://snapshot.org/#/bitdao.eth/proposal/0x950dac4d5715b8aa8eab29c484b1c9dd0eed161141262b0425874f65be4d9f8e) proposals to start a token migration plan to optimize and unify the Mantle ecosystem. Through a smart contract, users will be allowed to convert `$BIT` tokens to `$MNT` tokens. This operation can only be performed in one direction, depositing `$BIT` to obtain `$MNT` and not the other way around. MNT-1 issue covers this and tries to bring the Mantle team's attention to confirm the token conversion ratio. <br><br> The token contract owner is responsible for minting and transferring the new `$MNT` tokens to the migration contract. Owner functions are limited, he can only mint once every year and is limited by an inflation cap (modifiable, but capped to 20%). However, we recommend protecting this privileged wallet with a multi-signature mechanism to avoid possible minting to an arbitrary address. We recommend being extra careful when transferring the ownership of this contract as well, as future mints will not be possible if the new owner's address is not controlled by Mantle. <br><br> Regarding code coverage, the repository shows an average of 75% branch coverage. We recommend increasing it to at least 90%. <br><br> Several issues were found in the auditing process. All of them are discussed in this report, including some best practices and documentation recommendations. We recommend addressing all of them. <br><br> **After fix-review**: The developers addressed all issues by either fixing or acknowledging them. Issue MNT-6 (Old Solidity Version) was mitigated, as the solidity version was upgraded to `0.8.15`, while we recommend upgrading to `0.8.18`. We still recommend raising the code coverage metrics.
Issues (6)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | 2 | 1 | - | - | 3 |
Fixed | 2 | - | 1 | - | 3 |
| Total | 4 | 1 | 1 | 0 | 6 |